Re: suspicious RCU usage (perf)
From: Frederic Weisbecker
Date: Fri Aug 30 2013 - 12:06:14 EST
On Fri, Aug 30, 2013 at 05:59:36PM +0200, Peter Zijlstra wrote:
> On Fri, Aug 30, 2013 at 05:52:43PM +0200, Frederic Weisbecker wrote:
> > On Tue, Aug 27, 2013 at 02:16:29PM +0200, Peter Zijlstra wrote:
> > > On Mon, Aug 26, 2013 at 03:03:04PM -0400, Steven Rostedt wrote:
> > > > > Is there some path through sys_perf_open_event that might be
> > > > > missing a capability check perhaps ?
> > > > >
> > > >
> > > > That's a question for Ingo, Peter or Jiri.
> > >
> > > Its not something I've looked at recently, git blames Jiri and fweisbec
> > > for most of that code.
> > >
> > > Permission checks appear to live in
> > > kernel/trace/trace_event_perf.c:perf_trace_event_perm().
> >
> > Actually the following condition is weird:
> >
> > /* The ftrace function trace is allowed only for root. */
> > if (ftrace_event_is_function(tp_event) &&
> > perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN))
> > return -EPERM;
> >
>
> That says: If its its a function-event and we're paranoid but we don't
> have root, bail.
Right, I misunderstood and thought we messed up general tracepoint permissions
with function events.
>
> > We probably intended to do:
> >
> > /* The ftrace function trace is allowed only for root. */
> > if (ftrace_event_is_function(tp_event) ||
> > perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN))
> > return -EPERM;
> >
> > Can somebody confirm?
>
> That would always disallow function-events, no?
Yeah, sorry, returning from holidays require more dense coffee.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/